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REMARKS 

This paper is submitted in response to the Office action dated June 22, 2009 (the "Office 
Action"). 

Claims 39-40, 44-47, 49-57, 59-62, 64-65, 67, and 71-74 are pending in the application. 
Claims 39-40, 44-47, 49-57, 59-62, 64-65, 67, and 71-74 stand rejected. 

The amendments add no new matter. Support for the amendments may be found 
throughout Applicant's Specification and Drawings as originally filed, for example on p. 3, 
lines 6-8; p. 5, lines 4-8; p. 5, lines 19-22; p. 6, lines 4-6; p. 6, lines 20-24; p. 6, line 24 — p. 7, 
line 2; p. 7, lines 12-13; p. 8, lines 21-22; and p. 9, lines 9-12. While not conceding that the cited 
reference(s) qualify as prior art, but instead to expedite prosecution, Applicant has chosen to 
respond as follows. Applicant reserves the right to establish that the cited reference(s), or other 
references cited thus far or hereafter, do not qualify as prior art as to an invention embodiment 
previously, currently, or subsequently claimed. Applicant also reserves the right, for example in 
a continuing application, to pursue the previously pending claims or claims similar thereto. 
Applicant respectfully submits that the pending claims are allowable in view of the following 
remarks and the above amendments, and respectfully requests reconsideration of the pending 
rejections. 

Rejections under 35 U.S.C. S 103(a) 

Claims 39-40, 44-47, 49-57, 59-62, 64-65, 67, and 71-74 stand rejected under § 103(a) as 
purportedly being unpatentable over U.S. Patent No. 6,870,921 issued to Elsey et al. ("Elsey") in 
view of an article by Thomas, "Team-based Access Control (TMAC): A Primitive for Applying 
Role-based Access Controls in Collaborative Environments," Proceedings of the second ACM 
workshop on Role-based access control, pp. 13-19 (1997) ("Thomas"), and in view of an article 
by Sandhu et al., "The NIST Model for Role-Based Access Control: Towards A Unified 
Standard," 1 7 pp., provided by the Examiner and cited by the Examiner as pp. 47-63 of the 
Proceedings of the fifth ACM workshop on Role-based access control, ACM (2000) ("Sandhu"). 
Applicant respectfully submits that the amended claims are allowable under § 103(a) because the 
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cited portions of the reference do not disclose or fairly suggest each limitation of Applicant's 
claims. 

Sandhu's conflicts of interest are not equivalent to a condition of access authorization. 

For example, independent claim 39 includes an access control subsystem. The access 
control subsystem is configured to provide access to a user, but only when the user has an access 
authorization. The access authorization is based at least in part on the whether the user is in 
communication with a customer of a first tenant. Moreover, the access control subsystem is 
configured to deny access to at least one other virtual database when the user has the access 
authorization to the first virtual database. (Emphasis added.) At least these limitations are 
absent from the cited portions of Elsey, Thomas, and Sandhu, whether taken individually or in 
combination. 

With regard to the denial of access, the Office Action cites § 5.1 of Sandhu, titled "Static 
Separation of Duty" (SSD). This section and the subsequent section (§ 5.2, "Dynamic 
Separation of Duty" (DSD)) relate to prohibiting users from being members of different roles 
that have conflicts of interest. 

However, the cited sections of Sandhu fail to disclose denial of access to one virtual 
database when a user has access authorization to a different database. Applicant notes that 
restrictions based at least in part on data content are distinct from restrictions based at least in 
part on conflicts of interest. Indeed, Sandhu itself illustrates this shortcoming. 

In Sandhu's example of separation of duties, "if a user is authorized as a member of one 
role, the user is prohibited from being a member of a second role." See Sandhu, § 5.1 . Sandhu 
provides an example in which: 

a user who is authorized for the role Billing Clerk may not be 

authorized for the role Accounts Receivable (AR) Clerk That 

is, the roles Billing Clerk and Accounts Receivable Clerk are 
mutually exclusive. 

Sandhu, § 5.1 . Sandhu goes on to observe that some separations of duties can involve switching 
of roles, as long as the roles are not assumed simultaneously: 
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For example, a user may be authorized for both the roles of 
Cashier and Cashier Supervisor, where the supervisor is allowed to 
acknowledge corrections to a Cashier's open cash drawer. If the 
individual acting in the role Cashier attempted to switch to the role 
Cashier Supervisor, RBAC would require the user to drop his or 
her Cashier role, and thereby force the closure of the cash drawer 
before assuming the role Cashier Supervisor. As long as the same 
user is not allowed to assume both of these roles at the same time, 
a conflict of interest situation will not arise. 

Sandhu, § 5.2. 

Even assuming that the foregoing provides some manner of basis for the position 
espoused in the Office Action (a point which Applicant does not concede), Sandhu fails to 
disclose a denial of access "when the user has the access authorization to the first virtual 
database." A person having ordinary skill in the art would readily appreciate that a condition of 
having access authorization to one virtual database not equivalent to a condition that involves a 
conflict of interest. Various situations require access to multiple databases without invoking 
conflicts of interest. Similarly, conflicts of interest arise without involving access to more than 
one virtual database. The condition in claim 39 of a user having access authorization to a first 
virtual database is therefore not equivalent to (and indeed, is fully independent from) Sandhu's 
condition of a conflict of interest. 

At least for this reason, Sandhu fails to disclose or fairly suggest an access control 
subsystem that is configured to "deny . . . access to at least one other virtual database when 
the user has the access authorization to the first virtual database," as recited in Applicant's 
claim 39. As noted in the Office Action, the cited passages of Elsey do not remedy this 
shortcoming of Sandhu. See Office Action, p. 5. Applicant also does not find this limitation 
within the cited portions of Thomas. Independent claim 39 and all claims dependent therefrom 
are therefore allowable under § 103(a). At least for similar reasons, independent claims 46 and 
64 and all claims dependent therefrom are also allowable under § 103(a). 
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The cited passages fail to dis close a denial of access to a virtual database that "corresponds 
to at least one tenant other than the first tenant » 

Nonetheless, in an effort to advance prosecution, Applicant has amended the independent 
claims. As noted above, independent claim 39 recites that the access authorization is based at 
least in part on the whether the user is in communication with a customer of a first tenant. As 
amended, claim 39 further recites that the at least one other virtual database to which access 
is denied "corresponds to at least one tenant other than the first tenant." Applicant does not 
find this limitation in the cited passages. 

Indeed, Sandhu's example of separation of duties is additionally incongruous with this 
limitation. Sandhu teaches that a separation of duties can involve common access to a shared 
resource: in the above-quoted example, the "cash drawer" is used both by Cashier and by 
Cashier Supervisor. Even if this resource of a cash drawer could be equated with the virtual 
databases in claim 39 (a point which Applicant does not concede), Sandhu's teachings regarding 
this cash drawer are not even analogous to the relationships recited in claim 39. Sandhu's 
sharing of a common resource (the cash drawer) is counter to the allowed and denied access in 
claim 39, which apply to distinct resources. Sandhu denies simultaneous access to a single 
resource (cash drawer) by more than one role unless the roles are played by more than one 
users. 

In contrast, claim 39 denies simultaneous access by a single user to more than one 
resource (virtual databases). Access is allowed to files in a first virtual database corresponding 
to a first tenant, and access is denied to at least one other virtual database, which corresponds to 
at least one tenant other than the first tenant. In particular, claim 39 recites that the at least one 
other virtual database to which access is denied "corresponds to at least one tenant other than the 
first tenant." 

These limitations regarding denied access based on relationships to tenants, is 
additionally absent from the cited passages of Elsey, Thomas, and Sandhu, whether taken 
individually or in combination with each other and the knowledge available to a skilled person. 
At least for this reason, independent claim 39 and all claims dependent therefrom are 
additionally allowable under § 103(a). At least for similar reasons, independent claims 46 and 
64 and all claims dependent therefrom are also additionally allowable under § 103(a). 



- 13- 



Application No. 10/743,214 



PATENT 



CONCLUSION 

In view of the amendments and remarks set forth herein, the application and the claims 
therein are believed to be in condition for allowance and a notice to that effect is solicited. 
Nonetheless, should any issues remain that might be subject to resolution through a telephonic 
interview, the Examiner is invited to telephone the undersigned at 512-439-5097. 

If any extensions of time under 37 C.F.R. § 1.136(a) are required in order for this 
submission to be considered timely, Applicant hereby petitions for such extensions. The 
undersigned hereby authorizes that any fees due for such extensions or any other fee associated 
with this submission, as specified in 37 C.F.R. §§ 1 .16 or 1 .17, be charged to deposit account 
no. 502306. 



I hereby certify that this correspondence is being submitted to the 
U.S. Patent and Trademark Office in accordance with 37 C.F.R. 
§ 1 .8 on September 22. 2009 (CDn by being (a) transmitted via 
the USPTO's electronic filing system; or (b) transmitted by 
facsimile to 571-273-8300; or (c) deposited with the U.S. Postal 
Service as First Class Mail in an envelope with sufficient postage 
addressed to: Mail Stop Amendment . Commissioner for Patents, 
P. O. Box 1450, Alexandria, Virginia, 22313-1450. 



CJjfb ' 



Cyrus F. Bhamcha 



September 22, 2009 



Respectfully submitted, 

Cyrus F. Bharucha 
Attorney for Applicant 
Reg. No. 42,324 
512-439-5097 
512-439-5099 (fax) 
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